CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2024-42094 – net/iucv: Avoid explicit cpumask var allocation on stack
https://notcve.org/view.php?id=CVE-2024-42094
29 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: net/iucv: Avoid explicit cpumask var allocation on stack For CONFIG_CPUMASK_OFFSTACK=y kernel, explicit allocation of cpumask variable on stack is not recommended since it can cause potential stack overflow. In the Linux kernel, the following vulnerability has been resolved: net/iucv: Avoid explicit cpumask var allocation on stack For CONFIG_CPUMASK_OFFSTACK=y kernel, explicit allocation of cpumask variable on stack is not rec... • https://git.kernel.org/stable/c/2b085521be5292016097b5e7ca81b26be3f7098d • CWE-121: Stack-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2024-42093 – net/dpaa2: Avoid explicit cpumask var allocation on stack
https://notcve.org/view.php?id=CVE-2024-42093
29 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: net/dpaa2: Avoid explicit cpumask var allocation on stack For CONFIG_CPUMASK_OFFSTACK=y kernel, explicit allocation of cpumask variable on stack is not recommended since it can cause potential stack overflow. In the Linux kernel, the following vulnerability has been resolved: net/dpaa2: Avoid explicit cpumask var allocation on stack For CONFIG_CPUMASK_OFFSTACK=y kernel, explicit allocation of cpumask variable on stack is not r... • https://git.kernel.org/stable/c/b2262b3be27cee334a2fa175ae3afb53f38fb0b1 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-42092 – gpio: davinci: Validate the obtained number of IRQs
https://notcve.org/view.php?id=CVE-2024-42092
29 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: gpio: davinci: Validate the obtained number of IRQs Value of pdata->gpio_unbanked is taken from Device Tree. ... Found by Linux Verification Center (linuxtesting.org) with SVACE. Found by Linux Verification Center (linuxtesting.org) with SVACE. ... Found by Linux Verification Center (linuxtesting.org) with SVACE. Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-... • https://git.kernel.org/stable/c/eb3744a2dd01cb07ce9f556d56d6fe451f0c313a •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-42091 – drm/xe: Check pat.ops before dumping PAT settings
https://notcve.org/view.php?id=CVE-2024-42091
29 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/xe: Check pat.ops before dumping PAT settings We may leave pat.ops unset when running on brand new platform or when running as a VF. In the Linux kernel, the following vulnerability has been resolved: drm/xe: Check pat.ops before dumping PAT settings We may leave pat.ops unset when running on brand new platform or when running as a VF. ... • https://git.kernel.org/stable/c/dd08ebf6c3525a7ea2186e636df064ea47281987 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-42090 – pinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER
https://notcve.org/view.php?id=CVE-2024-42090
29 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: pinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER In create_pinctrl(), pinctrl_maps_mutex is acquired before calling add_setting(). ... A deadlock flaw was found in the Linux kernel’s pinctrl subsystem. ... Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an integer overflow vulnerability. ... Zheng Wang discovered a use-after-free in the Renesas Ethernet A... • https://git.kernel.org/stable/c/42fed7ba44e4e8c1fb27b28ad14490cb1daff3c7 • CWE-833: Deadlock •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-42089 – ASoC: fsl-asoc-card: set priv->pdev before using it
https://notcve.org/view.php?id=CVE-2024-42089
29 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: ASoC: fsl-asoc-card: set priv->pdev before using it priv->pdev pointer was set after being used in fsl_asoc_card_audmux_init(). In the Linux kernel, the following vulnerability has been resolved: ASoC: fsl-asoc-card: set priv->pdev before using it priv->pdev pointer was set after being used in fsl_asoc_card_audmux_init(). • https://git.kernel.org/stable/c/708b4351f08c08ea93f773fb9197bdd3f3b08273 •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-42088 – ASoC: mediatek: mt8195: Add platform entry for ETDM1_OUT_BE dai link
https://notcve.org/view.php?id=CVE-2024-42088
29 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8195: Add platform entry for ETDM1_OUT_BE dai link Commit e70b8dd26711 ("ASoC: mediatek: mt8195: Remove afe-dai component and rework codec link") removed the codec entry for the ETDM1_OUT_BE dai link entirely instead of replacing it with COMP_EMPTY(). In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8195: Add platform entry for ETDM1_OUT_BE dai link Commit e70b8dd26711 ("A... • https://git.kernel.org/stable/c/e70b8dd26711704b1ff1f1b4eb3d048ba69e29da •
CVSS: 3.3EPSS: 0%CPEs: 8EXPL: 0CVE-2024-42087 – drm/panel: ilitek-ili9881c: Fix warning with GPIO controllers that sleep
https://notcve.org/view.php?id=CVE-2024-42087
29 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/panel: ilitek-ili9881c: Fix warning with GPIO controllers that sleep The ilitek-ili9881c controls the reset GPIO using the non-sleeping gpiod_set_value() function. In the Linux kernel, the following vulnerability has been resolved: drm/panel: ilitek-ili9881c: Fix warning with GPIO controllers that sleep The ilitek-ili9881c controls the reset GPIO using the non-sleeping gpiod_set_value() function. ... • https://git.kernel.org/stable/c/b71348be1236398be2d04c5e145fd6eaae86a91b •
CVSS: 6.3EPSS: 0%CPEs: 8EXPL: 0CVE-2024-42086 – iio: chemical: bme680: Fix overflows in compensate() functions
https://notcve.org/view.php?id=CVE-2024-42086
29 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: iio: chemical: bme680: Fix overflows in compensate() functions There are cases in the compensate functions of the driver that there could be overflows of variables due to bit shifting ops. These implications were initially discussed here [1] and they were mentioned in log message of Commit 1b3bd8592780 ("iio: chemical: Add support for Bosch BME680 sensor"). [1]: https://lore.kernel.org/linux-iio/20180728114028.3c1bbe81@archlin... • https://git.kernel.org/stable/c/1b3bd8592780c87c5eddabbe98666b086bbaee36 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2024-42085 – usb: dwc3: core: remove lock of otg mode during gadget suspend/resume to avoid deadlock
https://notcve.org/view.php?id=CVE-2024-42085
29 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: core: remove lock of otg mode during gadget suspend/resume to avoid deadlock When config CONFIG_USB_DWC3_DUAL_ROLE is selected, and trigger system to enter suspend status with below command: echo mem > /sys/power/state There will be a deadlock issue occurring. In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: core: remove lock of otg mode during gadget suspend/resume to avoid deadlock Wh... • https://git.kernel.org/stable/c/2fa487a9466760a4fb6f147aed6219379dabfc2e •